Alleged 'iPhone 6' logic board claimed to include 802.11ac Wi-Fi, NFC chip

12346

Comments

  • Reply 101 of 130
    solipsismx wrote: »

    NFC isn't "a tiny sticker." You may be thinking of simply RFID.
    Well, there is such a thing as NFC smart tags, which could be smallish stickers.
    miss priss wrote: »
    Perhaps NFC will be a way for the iWatch to communicate with the iPhone. NFC no power/low power communication might be a way to keep from having to charge up the iWatch twice a day
    Keeping your watch within a few inches from your phone is going to be inconvenient though.
  • Reply 102 of 130
    solipsismx wrote: »
    No one said that encryption wasn't needed, but you excluded the magnetic induction that NFC offers when you stated that BLE can do what NFC can do and do it better.
    How is magnetic induction something NFC "offers"? It's a consequence of the ancient RFID standards NFC based on. It has no intrinsic utility. Except maybe for smart tags. But those are a solution for problems that don't exist.
  • Reply 103 of 130
    Quote:
    Originally Posted by EricTheHalfBee View Post

     

     

    The "close proximity" argument is false. It's actually the opposite (as I explained in detail previously on AI).

     

    All a crook has to do is install a small NFC reader under the terminal. Every single transaction they record is going to be a financial transaction. This is a gold mine for criminals.

     

    Now think of BT. If a crook has a BT reader near the terminal it's going to be picking up a LOT of garbage. Not just transactions, but iBeacons, devices searching for others to pair with, the guy in front of the store using AirDrop with their buddy, people with BT headsets making phone calls - the airwaves are literally filled with garbage data. A device that records BT transmissions is going to store a huge amount of data, which the crooks will then have to sift through in order to try and extract the useful financial/personal data.

     

    Expand that to sniffing WiFi or LTE and it gets even worse - much more data, and an even smaller percentage of useful data. The worst one is your wired Internet connection (esp since the WiFi connection will also be using the wired Internet connection).

     

     

    The trick to security is not to rely on a particular connection (NFC, BT, WiFI, LTE or wired). The way to achieve better security is to avoid transmitting sensitive information in the first place.

     

    You can't "sniff" something that isn't there.


     

    Do you know or are you just guessing?

     

    AFAIK, NFC payments used by MC/Visa/etc generally do two things when you tap - it passes a virtual PAN number to the terminal along with a one-time use cryptogram. The goal being that if you tried to sniff the PAN somehow and use put it on a magstripe or try to use it online, it'll be declined since the VPAN can't be used for non-contactless transactions.

     

    Secondly the cryptogram is one-time use for that transaction and again, the VPAN won't be approved without a new valid cryptogram.

     

    The close proximity for NFC as far as I know is intended to avoid accidental touches as well as substantially limit the potential for sniffing - though again it doesn't get you data that's re-usable.

     

    The downside for non-terminal embedded methods IMO is the burden it places on merchants. No payment method can gain global B&M scale if it requires brand new equipment. Sure some merchants will adopt it if you're big enough, but you'll never get the long tail of your local corner store, the small business Chinese restaurant, etc.  The big credit card companies have spent the better part of a decade replacing older terminals with embedded NFC enabled terminals that hook into the merchant's existing processing systems. No new hardware that you don't understand, nothing that requires a special integration with your processor or acquirer, no new tech support calls when it doesn't work, etc. Even with this decade long commitment, the long tail still is a huge challenge.

     

    Is a new payment system (say Bluetooth LE) going to be globally valuable if only the biggest retailers can afford to use it and you have to always carry your wallet anyway for every other store?

     

    IMO the biggest hurdle recently for NFC payments not taking off in the US has been the intentional blocking by carriers. Having Google Wallet, which supports all major cards, blocked by AT&T and Verizon is an incredibly cynical move by them - and then creating their own wallet which is horrible in utility and incredibility limited in the cards that can be used.

     

    Apple adding support for NFC payments with the partnership of MC/Visa may very well be the wave that punctures the wall put up by telecoms.

  • Reply 104 of 130
    sirlance99sirlance99 Posts: 1,278member
    kevliu1980 wrote: »
    Do you know or are you just guessing?

    AFAIK, NFC payments used by MC/Visa/etc generally do two things when you tap - it passes a virtual PAN number to the terminal along with a one-time use cryptogram. The goal being that if you tried to sniff the PAN somehow and use put it on a magstripe or try to use it online, it'll be declined since the VPAN can't be used for non-contactless transactions.

    Secondly the cryptogram is one-time use for that transaction and again, the VPAN won't be approved without a new valid cryptogram.

    The close proximity for NFC as far as I know is intended to avoid accidental touches as well as substantially limit the potential for sniffing - though again it doesn't get you data that's re-usable.

    The downside for non-terminal embedded methods IMO is the burden it places on merchants. No payment method can gain global B&M scale if it requires brand new equipment. Sure some merchants will adopt it if you're big enough, but you'll never get the long tail of your local corner store, the small business Chinese restaurant, etc.  The big credit card companies have spent the better part of a decade replacing older terminals with embedded NFC enabled terminals that hook into the merchant's existing processing systems. No new hardware that you don't understand, nothing that requires a special integration with your processor or acquirer, no new tech support calls when it doesn't work, etc. Even with this decade long commitment, the long tail still is a huge challenge.

    Is a new payment system (say Bluetooth LE) going to be globally valuable if only the biggest retailers can afford to use it and you have to always carry your wallet anyway for every other store?

    IMO the biggest hurdle recently for NFC payments not taking off in the US has been the intentional blocking by carriers. Having Google Wallet, which supports all major cards, blocked by AT&T and Verizon is an incredibly cynical move by them - and then creating their own wallet which is horrible in utility and incredibility limited in the cards that can be used.

    Apple adding support for NFC payments with the partnership of MC/Visa may very well be the wave that punctures the wall put up by telecoms.


    You're pretty much dead on with everything you said and I agree with it completely. Especially about the telecoms and Apple will help break open the barrier with NFC.
  • Reply 105 of 130
    tallest skiltallest skil Posts: 43,399member
    Originally Posted by kevliu1980 View Post

    Having Google Wallet, which supports all major cards, blocked by AT&T and Verizon is an incredibly cynical move by them




    I’m confused by what right/authority they have to do this, and what reason has been given for going along with it instead of ignoring it entirely.

  • Reply 106 of 130
    Quote:
    Originally Posted by Tallest Skil View Post

     



    I’m confused by what right/authority they have to do this, and what reason has been given for going along with it instead of ignoring it entirely.


    Basically it comes down to who owns the phone and who has the power in the relationship. No OEM save Apple can enforce that their phones remain relatively stock. Thanks goodness, otherwise things like iMessage might have been blocked by carriers when it was first introduced since it would cut into the margins of text messaging.

     

    Google Wallet initially required access to the secure element on the phone as card credentials are stored there. It's easy for carriers to basically cut off access to the SE as they 'own' it. Recently Google released HCE (host card emulation) which bypassed the need for access to the SE. So AT&T and Verizon simply removed/disabled this feature from their versions of android software. No Android OEM nor Google has sufficent power over carriers to enforce that features stay untouched. AT&T and Verizon simply see the money and importance of payments and want their cut.

     

    It wouldn't surprise me however to see Verizon and AT&T try some shenanigans on Apple if they release a payments feature on the IP6, to be quickly followed by a smackdown by Apple.

  • Reply 107 of 130
    tallest skiltallest skil Posts: 43,399member
    Originally Posted by kevliu1980 View Post

    Basically it comes down to who owns the phone and who has the power in the relationship. No OEM save Apple can enforce that their phones remain relatively stock. Thanks goodness, otherwise things like iMessage might have been blocked by carriers when it was first introduced since it would cut into the margins of text messaging.

     

    Ah, okay. It’s just Google being the submissive whelp they’ve always been, taking on the role of the phone manufacturer pre-Apple’s entry in the market. Thanks for clarifying.

  • Reply 108 of 130
    dasanman69dasanman69 Posts: 13,001member
    Ah, okay. It’s just Google being the submissive whelp they’ve always been, taking on the role of the phone manufacturer pre-Apple’s entry in the market. Thanks for clarifying.

    Nothing Apple hasn't done in the past. They've pulled apps that suddenly had duplicate features of iOS. It's also one of the dangers Google faces by making Android 'open'.
  • Reply 109 of 130
    koopkoop Posts: 337member
    I'm still rockin the AirPort Extreme N. Just not feeling the AC at the moment. Most wifi streaming is great on N and I've finally got a stable router and everything works. Maybe in 3 years or so.
  • Reply 110 of 130
    Quote:
    Originally Posted by kevliu1980 View Post

     

     

    Do you know or are you just guessing?

     

    AFAIK, NFC payments used by MC/Visa/etc generally do two things when you tap - it passes a virtual PAN number to the terminal along with a one-time use cryptogram. The goal being that if you tried to sniff the PAN somehow and use put it on a magstripe or try to use it online, it'll be declined since the VPAN can't be used for non-contactless transactions.

     

    Secondly the cryptogram is one-time use for that transaction and again, the VPAN won't be approved without a new valid cryptogram.

     

    The close proximity for NFC as far as I know is intended to avoid accidental touches as well as substantially limit the potential for sniffing - though again it doesn't get you data that's re-usable.

     

    The downside for non-terminal embedded methods IMO is the burden it places on merchants. No payment method can gain global B&M scale if it requires brand new equipment. Sure some merchants will adopt it if you're big enough, but you'll never get the long tail of your local corner store, the small business Chinese restaurant, etc.  The big credit card companies have spent the better part of a decade replacing older terminals with embedded NFC enabled terminals that hook into the merchant's existing processing systems. No new hardware that you don't understand, nothing that requires a special integration with your processor or acquirer, no new tech support calls when it doesn't work, etc. Even with this decade long commitment, the long tail still is a huge challenge.

     

    Is a new payment system (say Bluetooth LE) going to be globally valuable if only the biggest retailers can afford to use it and you have to always carry your wallet anyway for every other store?

     

    IMO the biggest hurdle recently for NFC payments not taking off in the US has been the intentional blocking by carriers. Having Google Wallet, which supports all major cards, blocked by AT&T and Verizon is an incredibly cynical move by them - and then creating their own wallet which is horrible in utility and incredibility limited in the cards that can be used.

     

    Apple adding support for NFC payments with the partnership of MC/Visa may very well be the wave that punctures the wall put up by telecoms.


     

    I could ask you the same thing. Are you 100% sure that data sniffed is of ZERO use due to one-time use keys?

     

    I am aware of the concept of one-time use cryptograms. To take it further, some systems suggest using a one-time credit card number whereby a randomly generated CC number is created by your phone and passed to the POS terminal which can then "charge" that card number for the amount of the purchase just as if you "swiped" a card instead. The "temporary" card number becomes invalid immediately after use, so it can't be "sniffed" and used again. In other words, it's created, used and deleted within seconds.

     

    In theory this also gives you useless data if you "sniff" the transactions. Which is what I've stated all along - that security is achieved by not passing useful information - not the type of wireless connection used. And if we assume the one-time data is useless to crooks (as you suggest) then it also means that BT, WiFi or LTE are also just as secure as NFC if they also employed the same techniques. In other words, the short distance offers no advantage to security if the data truly is useless.

     

     

    I think you are exaggerating the cost & complexity of Apple introducing a new BT enabled payment system. Look at Square, for example. A small company that have been quite successful in coming up with a new type of payment system that's easy for small businesses or individuals to accept credit card payments. For Apple to create a BT enabled reader would be child's play. In fact, an Apple TV with new software could be converted to act as an in-store gateway for payments. It already has a good processor, wired Internet connection and BT built-in.

     

    All the major companies that make POS systems (this time I'm talking about cash registers and related equipment, not the actual terminal used to accept card payments) have protocols in place to connect to all the popular POS card terminals. This is why, for example, you can ring up purchases in a store and the total you owe automatically appears on the card terminal for you to approve. And I'm sure we've all been to stores that didn't have this integration and the clerk has to manually punch the dollar amount into the terminal before handing it to you to enter your PIN (or tap your card).

     

    All Apple would need to do is make sure the software on their payment gateway (Apple TV) can connect to popular POS systems. And since these companies have an interest in making sure their systems work with all types of payment processing, you can bet they're going to be more than willing to work with Apple to integrate the two.

     

     

    The bottom line is I don't think it makes sense for Apple to make a payment system that piggybacks on top of existing systems. Where's the benefit to Apple? They won't be making any money (fees) on the transactions. Where's the benefit to the consumer? Why tap my iPhone when I can tap my card? And finally, where's the benefit to the retailer? There has to be a clear benefit for both Apple, retailers and consumers. And I think Apple making their own payment system is the answer. Apple can make money on providing the service (through processing fees), retailers can save money by paying lower transaction fees (which Apple can offer due to the sheer number of people who would use the system) and customers can save money through reduced fees and also have additional payment options (like using gift cards to load up their account - great for kids/teenagers).

  • Reply 111 of 130
    Quote:
    Originally Posted by EricTheHalfBee View Post

     

     

    I could ask you the same thing. Are you 100% sure that data sniffed is of ZERO use due to one-time use keys?

     

    I am aware of the concept of one-time use cryptograms. To take it further, some systems suggest using a one-time credit card number whereby a randomly generated CC number is created by your phone and passed to the POS terminal which can then "charge" that card number for the amount of the purchase just as if you "swiped" a card instead. The "temporary" card number becomes invalid immediately after use, so it can't be "sniffed" and used again. In other words, it's created, used and deleted within seconds.

     

    In theory this also gives you useless data if you "sniff" the transactions. Which is what I've stated all along - that security is achieved by not passing useful information - not the type of wireless connection used. And if we assume the one-time data is useless to crooks (as you suggest) then it also means that BT, WiFi or LTE are also just as secure as NFC if they also employed the same techniques. In other words, the short distance offers no advantage to security if the data truly is useless.

     

     

    I think you are exaggerating the cost & complexity of Apple introducing a new BT enabled payment system. Look at Square, for example. A small company that have been quite successful in coming up with a new type of payment system that's easy for small businesses or individuals to accept credit card payments. For Apple to create a BT enabled reader would be child's play. In fact, an Apple TV with new software could be converted to act as an in-store gateway for payments. It already has a good processor, wired Internet connection and BT built-in.

     

    All the major companies that make POS systems (this time I'm talking about cash registers and related equipment, not the actual terminal used to accept card payments) have protocols in place to connect to all the popular POS card terminals. This is why, for example, you can ring up purchases in a store and the total you owe automatically appears on the card terminal for you to approve. And I'm sure we've all been to stores that didn't have this integration and the clerk has to manually punch the dollar amount into the terminal before handing it to you to enter your PIN (or tap your card).

     

    All Apple would need to do is make sure the software on their payment gateway (Apple TV) can connect to popular POS systems. And since these companies have an interest in making sure their systems work with all types of payment processing, you can bet they're going to be more than willing to work with Apple to integrate the two.

     

     

    The bottom line is I don't think it makes sense for Apple to make a payment system that piggybacks on top of existing systems. Where's the benefit to Apple? They won't be making any money (fees) on the transactions. Where's the benefit to the consumer? Why tap my iPhone when I can tap my card? And finally, where's the benefit to the retailer? There has to be a clear benefit for both Apple, retailers and consumers. And I think Apple making their own payment system is the answer. Apple can make money on providing the service (through processing fees), retailers can save money by paying lower transaction fees (which Apple can offer due to the sheer number of people who would use the system) and customers can save money through reduced fees and also have additional payment options (like using gift cards to load up their account - great for kids/teenagers).


     

    Just to be clear - I was responding to your comment which basically claimed NFC transactions were unsecure - as if the credit card companies/banks didn't think of something like this.

     

    "All a crook has to do is install a small NFC reader under the terminal. Every single transaction they record is going to be a financial transaction. This is a gold mine for criminals."

     

    This is basically misinformation for an existing product live in the marketplace.

     

    Square is also hardly where Apple wants to play - they basically created a 'better' POS terminal with a modern UI, integration into smart devices, and simplified pricing. However, they fit into the payment ecosystem simply as another processor without changing the overall equation at all - you either swipe your card for it to go through as a magstripe transaction or you type it in for a card not present (CNP) transaction. And they happen to be bleeding money and basically looking for a buyer. 

     

    Say Apple does release a new Bluetooth method to pass payment credentials from your phone to a POS through some TBD whatchamacallit (BTW you painfully underestimate the sheer number of POS terminals globally as well as the certification process with each one to ensure end-to-end security). By default it will have to default to a CNP transaction which would be terrible for in-store merchants. Magstripe, chip and sign, chip and pin, NFC, etc are all certified delivery methods that are supported by the card issuer and enforced globally by the big payment networks (MC, V). You simply cannot create a new method by yourself and expect the payment ecosystem from processors to acquirers to the network to card issuers to magically support it. If Apple wants this new delivery method to be considered secure and not CNP, all of these parties have to be onboard. Otherwise guess what, it's CNP.

     

    If Apple is truly going to release an in-store solution that they want to be used globally, I'd put my money that it will ride existing rails (most likely NFC) simply b/c Apple is smart enough not to get into the quagmire of the end-merchant world, globally. But for sure it'll add something new and likely a step forward in security. But it'll be with through playing with the other big players.

  • Reply 112 of 130
    Quote:
    Originally Posted by draugminaion View Post





    Well, there is such a thing as NFC smart tags, which could be smallish stickers.

    Keeping your watch within a few inches from your phone is going to be inconvenient though.



    You must carry a pocketwatch. I wear my watch a few inches from the hand I hold my iPhone in. 

  • Reply 113 of 130
    [quote=Miss Priss][COLOR=000000]You must carry a pocketwatch. [/COLOR]I wear my watch a few inches from the hand I hold my iPhone in. 
    [/quote]That's too far for NFC, but that doesn't even matter. One of the things the watch is supposed to be good for is to show you notifications (email, text, rain alerts, whatever) while your phone is in your pocket or your bag.
    Having the watch only show notifications when your phone is next to it is going to be pretty useless.
  • Reply 114 of 130
    nelsonxnelsonx Posts: 278member
    NFC, YES! Finally! NFC & big, big screen => Me, buying iPhone again!
  • Reply 115 of 130
    nelsonxnelsonx Posts: 278member

    Bytheway, you should check NFC World to see how widespread NFC has become! http://www.nfcworld.com/

  • Reply 116 of 130
    Quote:
    Originally Posted by NelsonX View Post

     

    Bytheway, you should check NFC World to see how widespread NFC has become! http://www.nfcworld.com/


    They've been saying this for years. Progress is really slow.

    By the time NFC for payments is in enough places to make it worthwhile for Apple it may be too late. By then payments that bypass the credit card companies might be a viable alternative, PayPal seems to be betting on this. Apple is also experimenting in this in direction in their own stores with EasyPay.

     

    NFC is yesterday's tech promised for tomorrow. Might still work though, because it's the best we can manage. For now.

     

    Sub-saharan Africa has been paying by SMS for years, they will skip NFC entirely, they are already riding the next wave. 

    Some other regions seem to be going that way too. These are regions that are not interesting for credit card companies, they see no reason to feel threatened.

     

    Classic example of disruption in operation.

     

    Apple might prefer to catch the next wave, instead of riding the tail of the last one. "Skating to where the puck will be"

    NFC might be another BlueRay for Apple.

  • Reply 117 of 130
    blazarblazar Posts: 270member
    There is nothing preventing a retailer to simply register with apple at this point with literally NO need for anything besides what the iphone 5s already has in terms of tech.

    Imessage, touchID, find my iphone and other elements are already in place for payments via apple already.

    The iwatch may add one more layer of authentication by being on your person and near your phone. The odds you will have someone lift your fingerprint AND your watch approach zero.
  • Reply 118 of 130
    lorin schultzlorin schultz Posts: 2,771member
    Quote:

    Originally Posted by EricTheHalfBee View Post

     

    I think you are exaggerating the cost & complexity of Apple introducing a new BT enabled payment system. Look at Square, for example. A small company that have been quite successful in coming up with a new type of payment system that's easy for small businesses or individuals to accept credit card payments.


     

    Yup, a simple, economical system that's easy to use and implement. Despite that, how many retailers in Vancouver have you seen using them? The Tesla dealership on Robson does, only because it integrates with the iPads all the staff carry around anyway, but other than that... ? I can't say I've ever seen anyone else use it.

     

    If a system that's easy, cheap and good for the retailer hasn't gained any traction, what is there to suggest that Apple will have any more success? Even if every single iPhone user on the planet supported an Apple program, and some won't because they won't want to change their money management practices, there aren't enough of us to sway the market.

     

    Quote:
    Originally Posted by EricTheHalfBee View Post

     

    For Apple to create a BT enabled reader would be child's play. In fact, an Apple TV with new software could be converted to act as an in-store gateway for payments. It already has a good processor, wired Internet connection and BT built-in.


     

    I agree that Apple could create an elegant, integrated payment solution. That's not the challenge. Getting their hardware installed in BILLIONS of businesses around the world is. It just won't happen. Retailers have debit/credit card readers because the bank they deal with provides them. Retailers simply aren't going to bother with an added layer of complexity (and cost) for so little benefit.

     

    I'm no expert by any means, but it seems to me that if we're ever going to see an iPhone-based payment system it's going to have to emulate existing methods.

  • Reply 119 of 130
    haarhaar Posts: 563member
    koop wrote: »
    I'm still rockin the AirPort Extreme N. Just not feeling the AC at the moment. Most wifi streaming is great on N and I've finally got a stable router and everything works. Maybe in 3 years or so.

    i was too, but received the gen6 airport extreme AC for christmas , and even though i dont use the AC feature, it has better range.
  • Reply 120 of 130
    Quote:

    Originally Posted by Lorin Schultz View Post

     

    I agree that Apple could create an elegant, integrated payment solution. That's not the challenge. Getting their hardware installed in BILLIONS of businesses around the world is. It just won't happen. 


    A truly elegant solution would require no hardware at all, because the hardware is already there.

    What if all that is needed is for the customer and retailer both to have hardware that can run the PayPal app, or Groupon, or Square, or whatever new startup. iOS (maybe through PassBook) could notify customer and retailer when both have the app and offer to start the transaction.

     

    Credit card companies often charge a per transaction fee, reason enough to use the app instead.

Sign In or Register to comment.